|
256901
|
10.0 |
HIGH
|
xixun
|
xixuntiantian
|
Unspecified vulnerability in the XiXunTianTian (com.xixun.tiantian) application 0.6.2 beta for Android has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1388
|
2012-03-7 20:55 |
2012-03-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256902
|
10.0 |
HIGH
|
icekirin
|
di_long_weibo
|
Unspecified vulnerability in the Di Long Weibo (com.icekirin.weibos) application 1.9.9 for Android has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1389
|
2012-03-7 20:55 |
2012-03-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256903
|
10.0 |
HIGH
|
gomiso
|
miso
|
Unspecified vulnerability in the Miso (com.bazaarlabs.miso) application 2.2 for Android has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1390
|
2012-03-7 20:55 |
2012-03-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256904
|
10.0 |
HIGH
|
mobisynapse
|
moffice-outlook_sync
|
Unspecified vulnerability in the mOffice - Outlook sync (com.innov8tion.isharesync) application 3.1 for Android has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1391
|
2012-03-7 20:55 |
2012-03-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256905
|
10.0 |
HIGH
|
dolphin-browser
|
dolphin_browser_hd
|
Unspecified vulnerability in the Dolphin Browser HD (mobi.mgeek.TunnyBrowser) application 6.2.0, 7.2.1, 7.3.0, and 7.4.0 for Android has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1392
|
2012-03-7 20:55 |
2012-03-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256906
|
10.0 |
HIGH
|
goforandroid
|
go_sms_pro
|
Unspecified vulnerability in the GO SMS Pro (com.jb.gosms) application 3.72, 4.10, and 4.35 for Android has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1393
|
2012-03-7 20:55 |
2012-03-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256907
|
10.0 |
HIGH
|
goforandroid
|
go_email_widget
|
Unspecified vulnerability in the GO Email Widget (com.gau.go.launcherex.gowidget.emailwidget) application 1.3.1, 1.8, and 1.81 for Android has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1394
|
2012-03-7 20:55 |
2012-03-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256908
|
10.0 |
HIGH
|
goforandroid
|
go_twiwidget
|
Unspecified vulnerability in the GO TwiWidget (com.gau.go.launcherex.gowidget.twitterwidget) application 1.7 and 2.1 for Android has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1395
|
2012-03-7 20:55 |
2012-03-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256909
|
10.0 |
HIGH
|
goforandroid
|
go_fbwidget
|
Unspecified vulnerability in the GO FBWidget (com.gau.go.launcherex.gowidget.fbwidget) application 1.9 and 2.1 for Android has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1396
|
2012-03-7 20:55 |
2012-03-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256910
|
10.0 |
HIGH
|
goforandroid
|
go_qqweibowidget
|
Unspecified vulnerability in the GO QQWeiboWidget (com.gau.go.launcherex.gowidget.qqweibowidget) application 1.2 for Android has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1397
|
2012-03-7 20:55 |
2012-03-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256911
|
10.0 |
HIGH
|
goforandroid
|
go_weibowidget
|
Unspecified vulnerability in the GO WeiboWidget (com.gau.go.launcherex.gowidget.weibowidget) application 2.4 for Android has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1398
|
2012-03-7 20:55 |
2012-03-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256912
|
10.0 |
HIGH
|
uplus
|
u\+box_2.0
|
Unspecified vulnerability in the U+Box 2.0 (lg.uplusbox) application 2.0.2 and 2.0.8.4 for Android has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1399
|
2012-03-7 20:55 |
2012-03-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256913
|
10.0 |
HIGH
|
uplus
|
u\+box_2.0_pad
|
Unspecified vulnerability in the U+Box 2.0 Pad (lg.uplusbox.pad) application 2.0.8.4 for Android has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1400
|
2012-03-7 20:55 |
2012-03-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256914
|
10.0 |
HIGH
|
intsig
|
camscanner
|
Unspecified vulnerability in the CamScanner (com.intsig.camscanner) application 1.2.2.20110823 and 1.3.2.20120116 for Android has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1401
|
2012-03-7 20:55 |
2012-03-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256915
|
10.0 |
HIGH
|
1kxun
|
qianxun_yingshi
|
Unspecified vulnerability in the QianXun YingShi (com.qianxun.yingshi) application 1.2.3 and 1.3.4 for Android has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1402
|
2012-03-7 20:55 |
2012-03-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256916
|
10.0 |
HIGH
|
dolphin-browser
|
dolphin_browser_cn
|
Unspecified vulnerability in the Dolphin Browser CN (com.dolphin.browser.cn) application 6.3.1 and 7.2.1 for Android has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1403
|
2012-03-7 20:55 |
2012-03-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256917
|
10.0 |
HIGH
|
dolphin-browser
|
dolphin_browser_mini
|
Unspecified vulnerability in the Dolphin Browser Mini (com.dolphin.browser) application 2.2 for Android has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1404
|
2012-03-7 20:55 |
2012-03-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256918
|
10.0 |
HIGH
|
goforandroid
|
go_note_widget
|
Unspecified vulnerability in the GO Note Widget (com.gau.go.launcherex.gowidget.notewidget) application 1.5 and 1.9 for Android has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1405
|
2012-03-7 20:55 |
2012-03-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256919
|
10.0 |
HIGH
|
goforandroid
|
go_bookmark_widget
|
Unspecified vulnerability in the GO Bookmark Widget (com.gau.go.launcherex.gowidget.bookmark) application 1.1 for Android has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1406
|
2012-03-7 20:55 |
2012-03-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256920
|
10.0 |
HIGH
|
goforandroid
|
go_message_widget
|
Unspecified vulnerability in the GO Message Widget (com.gau.go.launcherex.gowidget.smswidget) application 1.9, 2.1, and 2.3 for Android has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1407
|
2012-03-7 20:55 |
2012-03-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256921
|
7.6 |
HIGH
|
rsa
|
securid_software_token_converter
|
Buffer overflow in EMC RSA SecurID Software Token Converter before 2.6.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors.
|
CWE-119
バッファエラー
|
CVE-2012-0397
|
2012-03-7 14:00 |
2012-03-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256922
|
9.3 |
HIGH
|
investintech
|
slimpdf_reader
|
Investintech.com SlimPDF Reader does not properly restrict the arguments to unspecified function calls, which allows remote attackers to cause a denial of service (application crash) or possibly exec…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2011-4220
|
2012-03-7 14:00 |
2011-11-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256923
|
7.5 |
HIGH
|
brotherscripts
|
business_directory
|
SQL injection vulnerability in articlesdetails.php in BrotherScripts (BS) Business Directory allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQLインジェクション
|
CVE-2010-4969
|
2012-03-7 14:00 |
2011-11-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256924
|
5.0 |
MEDIUM
|
apple
|
safari
|
The JavaScript implementation in Apple Safari 4 does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain s…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2010-5070
|
2012-03-7 14:00 |
2011-12-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256925
|
5.0 |
MEDIUM
|
opera
|
opera_browser
|
The JavaScript implementation in Opera 10.5 does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensi…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2010-5072
|
2012-03-7 14:00 |
2011-12-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256926
|
5.0 |
MEDIUM
|
opera
|
opera_browser
|
Opera before 11.60 does not properly consider the number of . (dot) characters that conventionally exist in domain names of different top-level domains, which allows remote attackers to bypass the Sa…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2011-4681
|
2012-03-6 14:00 |
2011-12-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256927
|
6.4 |
MEDIUM
|
opera
|
opera_browser
|
The JavaScript engine in Opera before 11.60 does not properly implement the in operator, which allows remote attackers to bypass the Same Origin Policy via vectors related to variables on different w…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2011-4682
|
2012-03-6 14:00 |
2011-12-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256928
|
10.0 |
HIGH
|
opera
|
opera_browser
|
Unspecified vulnerability in Opera before 11.60 has unknown impact and attack vectors, related to a "moderately severe issue."
|
NVD-CWE-noinfo
|
CVE-2011-4683
|
2012-03-6 14:00 |
2011-12-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256929
|
10.0 |
HIGH
|
opera
|
opera_browser
|
Opera before 11.60 does not properly handle certificate revocation, which has unspecified impact and remote attack vectors related to "corner cases."
|
CWE-310
暗号の問題
|
CVE-2011-4684
|
2012-03-6 14:00 |
2011-12-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256930
|
5.0 |
MEDIUM
|
opera
|
opera_browser
|
Dragonfly in Opera before 11.60 allows remote attackers to cause a denial of service (application crash) via unspecified content on a web page, as demonstrated by forbes.com.
|
CWE-20
不適切な入力確認
|
CVE-2011-4685
|
2012-03-6 14:00 |
2011-12-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256931
|
5.0 |
MEDIUM
|
opera
|
opera_browser
|
Unspecified vulnerability in the Web Workers implementation in Opera before 11.60 allows remote attackers to cause a denial of service (application crash) via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2011-4686
|
2012-03-6 14:00 |
2011-12-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256932
|
5.0 |
MEDIUM
|
opera
|
opera_browser
|
Opera before 11.60 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified content on a web page, as demonstrated by a page under the cisco.com home page.
|
CWE-399
リソース管理の問題
|
CVE-2011-4687
|
2012-03-6 14:00 |
2011-12-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256933
|
5.0 |
MEDIUM
|
opera
|
opera_browser
|
Opera 11.60 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine wheth…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2011-4690
|
2012-03-6 14:00 |
2011-12-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256934
|
2.1 |
LOW
|
kingsoft
|
internet_security
|
Unspecified vulnerability in the device driver in Kingsoft Internet Security 2011 allows local users to cause a denial of service via a crafted application.
|
NVD-CWE-noinfo
|
CVE-2012-0321
|
2012-03-5 14:00 |
2012-03-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256935
|
10.0 |
HIGH
|
novell
|
zenworks_asset_management
|
Directory traversal vulnerability in the rtrlet component in Novell ZENworks Asset Management (ZAM) 7.5 allows remote attackers to execute arbitrary code by uploading an executable file.
|
CWE-22
パス・トラバーサル
|
CVE-2011-2653
|
2012-03-5 14:00 |
2011-12-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256936
|
5.0 |
MEDIUM
|
novell
|
groupwise_messenger
messenger
|
The server process in Novell Messenger 2.1 and 2.2.x before 2.2.1, and Novell GroupWise Messenger 2.04 and earlier, allows remote attackers to read from arbitrary memory locations via a crafted comma…
|
CWE-200
情報漏えい
|
CVE-2011-3179
|
2012-03-5 14:00 |
2011-12-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256937
|
4.3 |
MEDIUM
|
ca
|
siteminder
|
Cross-site scripting (XSS) vulnerability in login.fcc in CA SiteMinder R6 SP6 before CR7 and R12 SP3 before CR8 allows remote attackers to inject arbitrary web script or HTML via the postpreservation…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2011-4054
|
2012-03-5 14:00 |
2011-12-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256938
|
4.3 |
MEDIUM
|
etomite
|
etomite
|
Cross-site scripting (XSS) vulnerability in Etomite before 1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2011-4264
|
2012-03-5 14:00 |
2011-12-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256939
|
4.3 |
MEDIUM
|
phpwebsite
|
phpwebsite
|
Cross-site scripting (XSS) vulnerability in phpWebSite before 1.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2011-4265
|
2012-03-5 14:00 |
2011-12-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256940
|
6.8 |
MEDIUM
|
cisco
|
unified_communications_manager
business_edition_3000_software
business_edition_3000
business_edition_5000_software
business_edition_5000
business_edition_6000_software
business_edit…
|
SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x before 7.1(5b)su5, 8.0 before 8.0(3a)su3, and 8.5 and 8.6 before 8.6(2a)su1 and Cisco Business Edi…
|
CWE-89
SQLインジェクション
|
CVE-2011-4487
|
2012-03-5 14:00 |
2012-03-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256941
|
7.5 |
HIGH
|
bravenewcode
|
wptouch
|
SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQLインジェクション
|
CVE-2011-4803
|
2012-03-5 14:00 |
2011-12-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256942
|
7.5 |
HIGH
|
apple
|
safari
|
Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application cr…
|
CWE-399
リソース管理の問題
|
CVE-2011-3443
|
2012-03-2 14:00 |
2012-03-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256943
|
7.8 |
HIGH
|
cisco
|
telepresence_system_software
telepresence_video_communication_server
|
Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a malformed SIP message, aka Bug ID CSCtr20426.
|
CWE-399
リソース管理の問題
|
CVE-2012-0330
|
2012-03-1 14:00 |
2012-03-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256944
|
7.8 |
HIGH
|
cisco
|
telepresence_system_software
telepresence_video_communication_server
|
Per: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-vcs
'Vulnerable Products
These vulnerabilities affect all three variants (Control, Expressway, and Star…
|
CWE-399
リソース管理の問題
|
CVE-2012-0330
|
2012-03-1 14:00 |
2012-03-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256945
|
7.5 |
HIGH
|
cisco
|
telepresence_system_software
telepresence_video_communication_server
|
Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a crafted SIP packet, as demonstrated by a SIP INVITE…
|
CWE-399
リソース管理の問題
|
CVE-2012-0331
|
2012-03-1 14:00 |
2012-03-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256946
|
7.5 |
HIGH
|
cisco
|
telepresence_system_software
telepresence_video_communication_server
|
Per: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-vcs
'Vulnerable Products
These vulnerabilities affect all three variants (Control, Expressway, and Star…
|
CWE-399
リソース管理の問題
|
CVE-2012-0331
|
2012-03-1 14:00 |
2012-03-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256947
|
9.0 |
HIGH
|
cisco
|
unity_connection
|
Cisco Unity Connection before 7.1.3b(Su2) allows remote authenticated users to change the administrative password by leveraging the Help Desk Administrator role, aka Bug ID CSCtd45141.
|
CWE-264
認可・権限・アクセス制御
|
CVE-2012-0366
|
2012-03-1 14:00 |
2012-03-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256948
|
7.8 |
HIGH
|
cisco
|
unity_connection
|
Cisco Unity Connection before 7.1.5b(Su5), 8.0 and 8.5 before 8.5.1(Su3), and 8.6 before 8.6.2 allows remote attackers to cause a denial of service (services crash) via a series of crafted TCP segmen…
|
CWE-399
リソース管理の問題
|
CVE-2012-0367
|
2012-03-1 14:00 |
2012-03-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256949
|
7.8 |
HIGH
|
cisco
|
unified_communications_manager
business_edition_3000_software
business_edition_3000
business_edition_5000_software
business_edition_5000
business_edition_6000_software
business_edit…
|
Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x before 7.1(5b)su5, 8.0 before 8.0(3a)su3, and 8.5 and 8.6 before 8.6(2a)su1 and Cisco Business Edition 3000 with software before …
|
CWE-399
リソース管理の問題
|
CVE-2011-4486
|
2012-03-1 14:00 |
2012-03-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256950
|
7.8 |
HIGH
|
cisco
|
unified_communications_manager
business_edition_3000_software
business_edition_3000
business_edition_5000_software
business_edition_5000
business_edition_6000_software
business_edit…
|
Per: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-cucm
'The following products are affected by the vulnerabilities that are described in this advisory:
…
|
CWE-399
リソース管理の問題
|
CVE-2011-4486
|
2012-03-1 14:00 |
2012-03-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
